338622 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-71300
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert arm64: zynqmp: Add an OP-TEE node to the device tree This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021632)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021632 advisory. In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using exit for the remove...
Amazon Linux 2023 : editorconfig, editorconfig-devel, editorconfig-libs (ALAS2023-2026-1642)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1642 advisory. editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ecglob that allows an...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021620)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021620 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression cmd.wqesize cmd.wrcount, both...
Fedora 44 : opencryptoki (2026-1273c7855d)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1273c7855d advisory. Fix CVE-2026-23893, Privilege Escalation or Data Exposure via Symlink Following Tenable has extracted the preceding description block directly from...
RHEL 10 : libtiff (RHSA-2026:19586)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19586 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitra...
ISC BIND 9.20.0 < 9.20.23 / 9.20.9-S1 < 9.20.23-S1 / 9.21.0 < 9.21.22 Vulnerability (cve-2026-5947)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-5947 advisory. - Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming D...
Linux Distros Unpatched Vulnerability : CVE-2026-43462
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: spacemit: Fix error handling in emactxmemmap The DMA mappings were leaked on mapping...
Linux Distros Unpatched Vulnerability : CVE-2026-42002
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Concurrency and locking defects in GSS-TSIG CVE-2026-42002 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021536)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021536 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 mm: /proc/pid/smapsrollup:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021629)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021629 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general...
Linux Distros Unpatched Vulnerability : CVE-2026-5950
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cau...
Fedora 44 : python-django6 (2026-de6e24ae07)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-de6e24ae07 advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...
Linux Distros Unpatched Vulnerability : CVE-2026-43356
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iio: imu: adis: Fix NULL pointer dereference in adisinit The adisinit function dereferences adis-ops to check if the individual function pointers write, read,...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021618)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021618 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021559)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021559 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, ...
RHEL 9 : libtiff (RHSA-2026:19702)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19702 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...
RHEL 7 : firefox (RHSA-2026:19704)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19704 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
RHEL 9 : firefox (RHSA-2026:17689)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17689 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
RHEL 9 : thunderbird (RHSA-2026:19468)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19468 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
RHEL 8 : firefox (RHSA-2026:19542)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19542 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
RHEL 9 : thunderbird (RHSA-2026:19461)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19461 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
RHEL 9 : thunderbird (RHSA-2026:19469)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19469 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
RHEL 8 : thunderbird (RHSA-2026:19467)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19467 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
RHEL 8 : thunderbird (RHSA-2026:19466)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19466 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
RHEL 9 : firefox (RHSA-2026:19464)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19464 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
RHEL 8 : firefox (RHSA-2026:19655)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19655 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
RHEL 8 : thunderbird (RHSA-2026:19465)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19465 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
RHEL 10 : thunderbird (RHSA-2026:19463)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19463 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
RHEL 9 : thunderbird (RHSA-2026:19462)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19462 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
RockyLinux 9 : firefox (RLSA-2026:19201)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19201 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScri...
Ubuntu 25.10 / Pro Realtime 24.04 LTS : Linux kernel vulnerabilities (USN-8277-1)
"The remote Ubuntu 25.10 / Pro Realtime 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8277-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-8280-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8280-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Cop...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-8279-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8279-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Cop...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-8281-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8281-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...
Fedora 44 : evince (2026-aea94fcc1c)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-aea94fcc1c advisory. Fix command injection CVE-2026-46529 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Fedora 43 : evince (2026-d29bd1ad07)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d29bd1ad07 advisory. Fix command injection CVE-2026-46529 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1647)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1647 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API...
Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2026-1648)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1648 advisory. @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service DoS issue caused by unbound...
Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2026-1667)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1667 advisory. Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is...
Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1702)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1702 advisory. In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2 to change attributes class CVE-2025-71239 In the Linux kernel, the following vulnerability has been...
RHEL 9 : kpatch-patch-5_14_0-70_124_1, kpatch-patch-5_14_0-70_132_1, kpatch-patch-5_14_0-70_144_1, kpatch-patch-5_14_0-70_155_1, and kpatch-patch-5_14_0-70_167_1 (RHSA-2026:19575)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19575 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module ...
RHEL 8 : kernel (RHSA-2026:19666)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19666 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Fragnesia is a variant of Dir...
RHEL 9 : kernel (RHSA-2026:19705)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19705 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: raw: fix ro-uniq...
RHEL 9 : kernel-rt (RHSA-2026:19711)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19711 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...
RHEL 9 : kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_148_1, and kpatch-patch-5_14_0-284_158_1 (RHSA-2026:19573)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19573 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module ...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021497)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021497 advisory. In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'getdumpable' logic The 'dumpability' of a task is fundamentally about the...
Oracle Linux 8 : kernel (ELSA-2026-16195)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-16195 advisory. 4.18.0-553.124.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to t...
RHEL 8 : kernel-rt (RHSA-2026:19664)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19664 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...
RHEL 8 : kpatch-patch-4_18_0-372_137_1, kpatch-patch-4_18_0-372_145_1, kpatch-patch-4_18_0-372_158_1, kpatch-patch-4_18_0-372_170_1, and kpatch-patch-4_18_0-372_181_1 (RHSA-2026:19564)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19564 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module ...